0.11.0 release candidate 1 #1925
Conversation
Signed-off-by: Pravek Sharma <sharmapravek@gmail.com>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>
OK, I'm not asked for review, but there's at least one comment I have to make: Shouldn't this trigger all CI?
You certainly should have been; I simply missed adding reviewers. :) It triggered the extended and oqs-provider release tests as well as all of the standard (PR) tests. The former don't show up here since they were triggered by the release event and not by the pull_request event. Here's the liboqs run: and here's the downstream run in provider:
LGTM. But is this meant to land or only when final?
Do you plan to land the final version of ML-DSA later or is the current version already the final one?
Later on, see #1919. The current version is still 'ipd'.
Great! Do you plan to land it in 0.11 or later?
Decision was to push it to 0.12.0.
Thanks for the clarification!
This release adds support for ML-KEM (previously known as CRYSTALS-Kyber) and ML-DSA (previously known as CRYSTALS-Dilithium), based on the initial public drafts of [FIPS 203](https://csrc.nist.gov/pubs/fips/203/ipd) and [FIPS 204](https://csrc.nist.gov/pubs/fips/204/ipd), respectively. OQS continues to support the NIST Round 3 versions of Kyber and Dilithium for interoperability purposes. This release additionally updates HQC to the NIST Round 4 version and adds support for fixed-length Falcon signatures. | ||
This release updates ML-KEM implementations to their [final FIPS 203](https://csrc.nist.gov/pubs/fips/203/final) versions (OQS continues to support NIST Round 3 version of Kyber for interoperability purposes). Additionally, this release adds support for MAYO and CROSS digital signature schemes from [NIST Additional Signatures Round 1](https://csrc.nist.gov/Projects/pqc-dig-sig/round-1-additional-signatures) along with stateful hash-based signature schemes [XMSS](https://datatracker.ietf.org/doc/html/rfc8391) and [LMS](https://datatracker.ietf.org/doc/html/rfc8554). Finally, this release provides formally verified implementations of Kyber-512 and Kyber-768 from [libjade](https://github.com/formosa-crypto/libjade/releases/tag/release%2F2023.05-2). |
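Review bot: the rewritten paragraph no longer says anything about ML-DSA, although the previous text introduced ML-KEM and ML-DSA together as FIPS 203/204 ipd implementations and the discussion above says ML-DSA stays at the ipd version until 0.12.0. A reader comparing the two notes will assume ML-DSA was finalized alongside ML-KEM. Add one sentence stating that ML-DSA remains at the FIPS 204 initial public draft version. Also say whether the libjade Kyber-512 and Kyber-768 implementations are the Round 3 Kyber algorithms or ML-KEM, since the paragraph uses the Kyber name immediately after announcing the move to final FIPS 203.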
This release updates ML-KEM implementations to their [final FIPS 203](https://csrc.nist.gov/pubs/fips/203/final) versions (OQS continues to support NIST Round 3 version of Kyber for interoperability purposes). Additionally, this release adds support for MAYO and CROSS digital signature schemes from [NIST Additional Signatures Round 1](https://csrc.nist.gov/Projects/pqc-dig-sig/round-1-additional-signatures) along with stateful hash-based signature schemes [XMSS](https://datatracker.ietf.org/doc/html/rfc8391) and [LMS](https://datatracker.ietf.org/doc/html/rfc8554). Finally, this release provides formally verified implementations of Kyber-512 and Kyber-768 from [libjade](https://github.com/formosa-crypto/libjade/releases/tag/release%2F2023.05-2). | |
This release updates ML-KEM implementations to their [final FIPS 203](https://csrc.nist.gov/pubs/fips/203/final) versions. This release still includes the NIST Round 3 version of Kyber for interoperability purposes, but we plan to remove Kyber Round 3 in a future release. Additionally, this release adds support for MAYO and CROSS digital signature schemes from [NIST Additional Signatures Round 1](https://csrc.nist.gov/Projects/pqc-dig-sig/round-1-additional-signatures) along with stateful hash-based signature schemes [XMSS](https://datatracker.ietf.org/doc/html/rfc8391) and [LMS](https://datatracker.ietf.org/doc/html/rfc8554). Finally, this release provides formally verified implementations of Kyber-512 and Kyber-768 from [libjade](https://github.com/formosa-crypto/libjade/releases/tag/release%2F2023.05-2). |
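Review bot: "we plan to remove Kyber Round 3 in a future release" gives downstream integrators nothing to plan against; state the earliest release in which removal may happen, or that removal will be announced at least one release in advance, so applications still negotiating the Round 3 identifiers for interoperability know when they must migrate.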
Looks good! One suggestion for wording around Kyber Round 3 but otherwise good to go.
Only when final.
Perfect, I'll make the change in the release notes when updating the version string to remove "-rc1".
As discussed yesterday (to give feedback on testing intentions), I don't see a good reason to test this with oqsprovider until we have re-established functional parity with CF again, see also openssl/project#844. Realistically I don't see a risk there though, just need to wait a bit until @bhess is back from ICMC. Any other thoughts, @SWilson4 @praveksharma (also as I'm looking to you for doing the actual oqsprovider release as well as any possible further downstream releases)?
In an in-person meeting with @dstebila and @praveksharma earlier this week, we agreed to hold 0.11.0 until open-quantum-safe/oqs-provider#503 / open-quantum-safe/oqs-provider#524 are resolved / tested to enable thorough testing of ML-KEM.
@@ -14,117 +14,118 @@ liboqs can be used with the following Open Quantum Safe application integrations | |||
- **OQS-BoringSSL**: A prototype integration of liboqs-based authentication and key exchange into TLS 1.3 in our fork of BoringSSL; see https://github.com/open-quantum-safe/boringssl. | |||
- **OQS-OpenSSH**: A prototype integration of liboqs-based authentication and key exchange into Secure Shell (SSH) version 2 in our fork of OpenSSH; see https://github.com/open-quantum-safe/openssh. | |||
|
|||
Several [demos](https://github.com/open-quantum-safe/oqs-demos) are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, nginx, and Wireshark. Performance of liboqs in several settings is measured at https://openquantumsafe.org/benchmarking/. | |||
Several [demos](https://github.com/open-quantum-safe/oqs-demos) are available for using the above libraries in applications, including Apache, Chromium, curl, haproxy, nginx, and Wireshark. | |||
|
|||
liboqs can also be used in the following programming languages via language-specific wrappers: | |||
|
|||
- C++, via https://github.com/open-quantum-safe/liboqs-cpp | |||
- Go, via https://github.com/open-quantum-safe/liboqs-go |
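Review bot: the demos paragraph drops the sentence "Performance of liboqs in several settings is measured at https://openquantumsafe.org/benchmarking/" without a replacement; if the benchmarking site is retired, say so in the release notes, otherwise keep the pointer. The wrapper list that follows shows only C++ and Go in the visible context; as noted later in this thread, liboqs-java was removed in error and should be restored to the list before the final release.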
liboqs-java was deleted in error; reminder to add it back when preparing the final release.
Closing as #1939 has landed.
Please see the associated pre-release: https://github.com/open-quantum-safe/liboqs/releases/tag/0.11.0-rc1